How can i identify the authentification method/source of the User. What i mean is: How can i check that the authenticated User is a "LDAP"-User or a normal Plone User. Is it possible (I think it is), but i don't know how? Has anyone a little tip for me?
I use this code:
def is_plone_account(self): """ User name of current logged in user """ username = self.current_username acl_users = plone.api.portal.get_tool('acl_users') return acl_users.getUser(username) is not None
I do not think that there is a general and easy way to distinguish between various user types authenticated by the same
acl_users - e.g. LDAP users and local Plone users.
In your special case, you might be able to distinguish between the user types if they provide distinguishing properties (e.g. an LDAP user may have a property not available for a local user or vice versa).
If your integrated user sources all provide the
IUserEnumerationPlugin (which is quite likely), you could emulate the execution of
Products.PluggableAuthService.PluggableAuthService.PluggableAuthService.getUser[ById] to return the first enumerator plugin that recognizes the current user. You would use internal implementation details (which, of course, could break in the future).
@zopyx: Your solution doesn't match for me. I get for both Users a Value.
Not sure why this works for us but perhaps try to call getUser() on context.acl_users.user_source ( or source_users..check the spelling in the ZMI). This will limit the lookup to the local user folder of Plone.
Edit: Solution for me:
from Products.PlonePAS.interfaces.plugins import IUserIntrospection def is_plone_user(form): portal = api.portal.get() user = api.user.get_current().getUser() acl_users = api.portal.get_tool('acl_users') introspectors = acl_users.plugins.listPlugins(IUserIntrospection) is_source_user = False for introspector_id, introspector in introspectors: if introspector_id == "source_users": is_source_user = (user.getUserId() in list(introspector.getUserIds())) break return is_source_user
Thanks for the Tips. I have edited my solution for a better performance.
You do not have to iterate over all users..you look up a user in O(1) using getUserById().
For groups I check if a group is from ldap, not from plone (works fine with pas.plugins.ldap):
def is_ldap_group(group): actual = group.getGroup() return 'pasldap' in actual._propertysheets